Preventing fraud in new age banking
It’s no surprise that the global financial crisis of 2008 had a devastating impact on the world at large. Several banks overleveraged customers who were simply unable to meet their ever-increasing mountain of debt. The aftermath, as we all know, was a turning point that changed the face of the industry forever. Despite the unfortunate outcome that saw many a livelihood lost, the lessons that have since been learnt have provided a strong foundation for the financial industry as a whole.
Today, there are several systems and procedures in place to protect both banks and customers from any misfortune, and to clamp down on greed. Banks are now accountable for complying with best global standards and regulations, and delivering quality services to their customers. However, as a Chief Compliance Officer, banking compliance is just one part of the puzzle I need to solve. An equally important, but far less debated part in the banking industry is how to prevent fraud.
Fraud prevention has emerged as one of the most significant topics on the minds of the uppermost management and senior banking boards. This is given the exorbitant amount of funds banks potentially handle from a day-today basis, and the emergence of new security risks, such as cybercrime. EY’s Global Fraud Survey 2016 shows that while many businesses have made significant progress in tackling fraud and corruption, there remains a persistent level of unethical conduct — 39 per cent of respondents consider bribery and corruption to happen widely in their country, with almost half able to justify unethical behaviour to meet financial targets.
Today, strong controls to prevent and deal with fraud are more necessary than ever — not just to curb the problem, but as part of an organisation’s corporate social responsibility (CSR) strategy. Furthermore, such controls are essential to give stakeholders the assurance that the bank is complying with the highest transparency standards and not engaging in fraudulent practices.
We can broadly classify fraud into two main categories — internal and external.
Internal fraud
Internal frauds are those that involve staff within an organisation. According to the Kroll 2016/2017 Global Fraud & Risk Report, companies are most at risk of fraud from a current, former or temporary employee. However disheartening this fact may be, the truth remains that there is a high likelihood of such frauds when staff attempt to illegally access funds in customers’ accounts, or assist customers in applying for finances with incorrect documents or misstatements. Frauds can also occur due to a genuine mistake by the staff member, in which case the bank must examine the case carefully and deal with the situation as needed. To put an end to any incidents, fraud teams at banks are responsible for creating policies within the bank to tackle any potential incidents. These policies can include what to do in certain situations and outline the responsibility of employees and management when reporting suspected fraud, among other issues.
External fraud
External frauds mainly relate to cases where third parties attempt to hack into the bank’s systems and customer accounts. In the prevailing financial landscape, criminals attempting to use fraudulent documents including fake cheques, and falsified credentials to support applications for finance abound. If the customer has submitted such an application in good faith, however, banks will support the customer and work with local authorities to resolve the situation.
Cyber threats have also become a major concern. They are no longer simply an IT problem, but require the preparedness and cooperation of all stakeholders across the board to truly nip in the bud. According to the same Kroll report, an astonishing 85 per cent of executives surveyed mentioned that their companies had experienced a cyber-attack or information theft, losses of some kind, or even an attack in the last 12 months. This is a trend that is more prevalent in the industry, and according to various reports, with more people facing identity thefts and card theft.
Precautionary measures
Given the increasing prevalence of such financial threats, banks work hand in hand with the UAE Central Bank to counter such new-age challenges. Furthermore, banks manage these risks through introducing several measures that will implement strong operating policies, supported by internal control and audit reviews.
Banks are also initiating tighter controls over IT systems and security in order to deal with cyber threats. New-Age banks should ensure that their alert and management systems are sophisticated and intelligent, with strong behavioural analytics implemented. What this essentially means is that if customers engage in transactions that are unusual or different from their normal behaviour, the system will alert the bank about suspicious activity, which may indicate that an unauthorised individual has access to the account. One of the most important activities banks engage in today is to build awareness. At Noor Bank, we regularly share flyers, banners, and e-mails in addition to organising a variety of fraud sessions for both customers and staff. This ensures that in the event of a fraud, our stakeholders have strong clarity about which channel to report the incident to first.